On-premises Identity-related updates and fixes for January 2023

Reading Time: 2 minutes

Windows Serrer

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.

This is the list of Identity-related updates and fixes we saw for January 2023:

 

Windows Server 2016

We observed the following update for Windows Server 2016:

KB5022289 January 10, 2023

The January 10, 2023, update for Windows Server 2016 (KB5022289), updating the OS build number to 14393.5648, is a monthly cumulative update that includes two Identity-related improvements:

  • It addresses an issue that might affect authentication. It might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if you do not set the encryption types or you disable the RC4 encryption type on the domain.
  • It introduces a Group Policy setting that enables and disables HTML Application (HTA) files. If you enable this policy, it stops you from running HTA files. If you disable or do not configure this policy, you can run HTA files.

 

Windows Server 2019

We observed the following updates for Windows Server 2019:

KB5022286 January 10, 2023

The January 10, 2023, update for Windows Server 2019 (KB5022286), updating the OS build number to 17763.3887, is a monthly cumulative update that includes one Identity-related improvement. This update addresses an issue that might affect authentication. It might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if you do not set the encryption types or you disable the RC4 encryption type on the domain.

 

Windows Server 2022

We observed the following updates for Windows Server 2022:

KB5022291 January 10, 2023

The January 10, 2023, update for Windows Server 2022 (KB5022291), updating the OS build number to 202348.1487, is a monthly cumulative update that includes two Identity-related improvements:

  • It addresses an issue that might affect authentication. It might fail after you set the higher 16-bits of the msds-SupportedEncryptionTypes attribute. This issue might occur if you do not set the encryption types or you disable the RC4 encryption type on the domain.
  • It addresses issues that affect the Local Session Manager (LSM). These issues might allow users who do not have admin rights to perform actions that only an admin can.

Author: Sander Berkouwer

Sander Berkouwer is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.